Ubuntu One storage protocol

how secure and private is U1?

Asked by John Jaarsveld

Security and privacy is very important to me, personally and professionally. I would very much like to see an explanation how secure the connection is and the storage room itself.
How easy (difficult) can a hacker get entry to my storage room and what should I look out for, not wanting to share my files accidentaly with the world?

regards,

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu One storage protocol Edit question
Assignee:
Lucio Torre Edit question
Last query:
Last reply:
Whiteboard:
Assigning to Lucio as he or one of his people can best answer this question.
Revision history for this message
Lucio Torre (lucio.torre) said : 		#1

This is a difficult question to answer.

So, instead of telling you how secure the system is, im going to detail the security measures that we have in place:

To authenticate the servers to the client we use ssl and certificates. To encrypt the data streams between client and server we also use ssl. That's good enough for banks, it should be good enough for us.

To authenticate the client we use oauth. This means that the client has a token that it will pass to the server to validate it. This will allow you to authenticate many machines independently, and remove access from any one machine just by going to the website.

We are not storing your files encrypted in out data storage, as we need them unencrypted so we can send them to the people you choose to share with.

If you are really paranoid, you could always store the files already encrypted so we never see the plain text files.

Can you help with this problem?

Provide an answer of your own, or ask John Jaarsveld for more information if necessary.

To post a message you must log in.